www.IRC-Junkie.org – IRC News

All about Internet Relay Chat

Eggdrop 1.6.19 Released

It took almost 2 years for a new release, and even then it consists mostly of bugfixes of which one fixes a serious issue.

Version 1.6.19 of the popular IRC bot Eggdrop fixes a buffer overflow issue in the server module. It is exploitable by a malicious server. As long as the bot connects to a reputable server it should be OK.

IRC-Junkie tried to contact Guppy with a few questions but has received no reply so far, partly explaining the delay in reporting this new release.

A list of all updates according to the updates.txt file:


- Update the recommended TCL version to 8.5

- Updated Copyright dates

- added [sL] and thommey to the AUTHORS file

- load blowfish by default

- added a TCL to handle the PONG : junk on some EFnet servers

- add a simple TCL to handle the PASS junk on some Undernet servers

- add support for chanmode +T

- CTCP parsing was broken by the servmsg.c buffer overflow patch

- Fixed a couple of typos in the FEATURES file.

- Fixed two buffer overflows in servmsg.c (CVE-2007-2807).

- Fixed compatibility problems with certain time_t implementations.

- Complete raw traffic wasn’t getting logged in some cases; only the raw command itself was. Fixed.

Related posts:

  1. BNC 2.8.9 remote buffer overflow
  2. Update on the Development of Eggdrop
  3. Majority of Junk Traffic Consists of DDoS Targetted at IRC Servers
  4. Help! My Network is in Servers.ini!
  5. mIRC Local DCC Issue: Exploit, Vulnerability or Neither?
Category: IRC, Software
Tag: Eggdrop, IRC, Software

0 Responses

  • El_Rico says:

    Since http://www.eggheads.org seems to be down right know you can grab the source http://www.egghelp.org/files.htm here.

    October 29, 2008 at 1:41 pm
    Reply

  • Asmo says:

    Doh, stupid of me to leave out a download link (even if Eggheads was down). Thanks El_Rico :)

    October 29, 2008 at 1:41 pm
    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

*